fd18366965
Adjust declared dependencies in library/x509*
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-08-19 10:15:56 +02:00
f3f6b0a5c3
Merge pull request #6123 from yuhaoth/pr/finialize-tls13-serialize_session_save_load
...
TLS 1.3:finalize tls13 serialize session save and load
2022-08-19 08:16:05 +02:00
92cd8642fa
Merge pull request #6090 from hanno-arm/fix_bnmul_arm_v7a
...
Remove encoding width suffix from Arm bignum assembly
2022-08-18 08:48:03 +01:00
e28d9745a1
fix coding style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-08-18 15:44:03 +08:00
3419107e8d
Add checks for ticket and resumption_key fields
...
From RFC 8446 and the definition of session, we
should check the length.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-08-18 11:28:41 +08:00
e36fdd676c
Change signature of tls13_session_save
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-08-17 21:50:25 +08:00
a7448bf19d
Merge pull request #6141 from mpg/driver-hashes-rsa-v21
...
Driver hashes rsa v21
2022-08-16 09:52:39 +01:00
7b1be55484
Merge pull request #5993 from eliteraspberries/android-soname
...
Allow non-versioned library soname.
2022-08-12 13:49:55 +01:00
6a8673092f
Allow non-versioned library soname.
...
Signed-off-by: Mansour Moufid <mansourmoufid@gmail.com >
2022-08-12 11:02:01 +01:00
71bf28bb34
Fix include file path
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-08-11 12:50:06 +02:00
f98b57f231
Initialize status/ret to error value
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-08-11 12:50:06 +02:00
2aae040615
make ret_from_status() global function and move it to has_info.[ch]
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-08-11 12:50:06 +02:00
712bb9c5af
Use more suitable function for checking if hash is supported
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-08-11 12:50:06 +02:00
79b99f47a1
Fix definition of MD_OR_PSA macros
...
The code will make the decision based on availability of MD, not of
MD+this_hash. The later would only be possible at runtime (the hash
isn't known until then, that's the whole point of MD), so we'd need to
have both MD-based and PSA-based code paths in a single build, which
would have a very negative impact on code size. So, instead, we choose
based on the presence of MD, which is know at compile time, so we only
have one of the two code paths in each build.
Adjust the macros so that they match the logic of the code using them.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:50:06 +02:00
077ba8489d
PKCS#1 v2.1 now builds with PSA if no MD_C
...
Test coverage not there yet, as the entire test_suite_pkcs1_v21 is
skipped so far - dependencies to be adjusted in a future commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
faa3b4e0c3
Get rid of md_info outside helper functions
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
35c09e4824
Introduce compute_hash() function
...
This allows callers not to worry with md_info and makes it easier to
provide a PSA version for when MD_C is not available.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
f701acc088
Extract common code into hash_mprime()
...
This will also make it easier to provide a PSA-based version for when MD
is not available.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
f3a6755450
Simplify callers of mgf_mask()
...
Some of them no longer need md_ctx, some of those no longer need the
exit dance that was used to free it, or need it on a smaller scope.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
259c213545
Tune API of internal function mgf_mask in RSA
...
This is a first step towards making a version of this function that
uses PSA when MD is not available.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-08-11 12:47:02 +02:00
8a9f88899d
Merge pull request #6186 from leorosen/ssl_tls_null_on_invalid_code
...
ssl_tls: avoid the appearance of a potential NULL dereferencing
2022-08-11 10:12:34 +01:00
e9d8dcdbf5
ssl_tls: avoid the appearance of a potential NULL dereferencing
...
Looking at the bigger picture it is clear that if `ssl->session` is NULL,
there will be a failure much earlier, and that is well protected from,
however, the practice of dereferencing a pointer which has not been
verified in prior for validity goes against secure coding practices.
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com >
2022-08-09 12:34:30 -07:00
f421d45869
Merge pull request #6139 from AdityaHPatwardhan/fix/build_error_due_to_missing_prototype
...
Fix build error due to missing prototype warning when `MBEDTLS_DEPRECATED_REMOVED` is enabled
2022-08-09 11:27:42 +01:00
953ce3962f
Merge pull request #5971 from yuhaoth/pr/add-rsa-pss-rsae-for-tls12
...
Add rsa pss rsae for tls12
2022-08-09 10:21:45 +01:00
b3edc1576c
Merge pull request #2602 from edsiper/crt-symlink
...
x509_crt: handle properly broken links when looking for certificates
2022-08-03 13:05:29 +02:00
07e7fe516b
Merge pull request #6088 from tuvshinzayaArm/validation_remove_change_curve
...
Validation remove and change in files related to curve in library
2022-08-03 13:05:16 +02:00
7e1ee0f04b
Merge pull request #6114 from mman/development
...
Use double quotes to include private header file psa_crypto_cipher.h
2022-08-03 13:04:57 +02:00
4741e0b56c
Use double quotes to include private header file psa_crypto_cipher.h
...
Signed-off-by: Martin Man <mman@martinman.net >
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com >
2022-08-02 12:44:35 +02:00
3096f331ee
Fix missing prototype warning when MBEDTLS_DEPRECATED_REMOVED is
...
enabled
Added the changelog.d entry
Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com >
2022-08-02 11:15:18 +05:30
919ff15ecf
Merge pull request #4686 from Kazuyuki-Kimura/patch_#2020
...
Fixed a bug that the little-endian Microblaze does not work when MBEDTLS_HAVE_ASM is defined
2022-07-29 17:08:11 +01:00
27036c9e28
Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments
...
Fix a/an typos in doxygen and other comments
2022-07-29 12:59:05 +01:00
c3bf748dc7
fix vertical alignment
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-07-29 10:27:17 +08:00
09a99fcf8a
Add rsa_pss_rsae_* sig algos for tls12 default
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-07-28 23:08:00 +08:00
379b1ff3a5
remove useless comment
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-07-28 23:08:00 +08:00
95b743ca17
Rename get_pk_type_and_md_alg
...
The function is for both tls12 and tls13 now.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-07-28 23:08:00 +08:00
693a47ab1d
add rsa_pss_rsae_* support in tls12
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-07-28 23:08:00 +08:00
86669de348
Broke 2 long lines
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-28 10:31:16 +01:00
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
...
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
f6b8c3297a
Merge pull request #6065 from mpg/explore2
...
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
ce7f18c00b
Fix a/an typos in doxygen and other comments
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2022-07-28 05:50:56 +01:00
68429fc44d
Fix a few more typos
...
Update link while at it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-07-27 20:44:02 +02:00
22f3654324
Remove NULL pointer validation in ecp.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 15:21:48 +01:00
a891f83803
Re-introduce ENUM validation in ecjpake.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 15:20:08 +01:00
2b1ecdaf4e
Remove NULL pointer validation in ecjpake.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 15:20:08 +01:00
f69cac784a
Reintroduce enum validation ecdh.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 14:43:38 +01:00
7857caadcd
Remove NULL pointer validation in ecdh.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 14:40:47 +01:00
375950f119
Remove NULL pointer validations in ecdsa.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com >
2022-07-27 14:28:20 +01:00
31e03a8e15
Replace hard-coded zeroes for constant
...
Replace two occurances of hard-coded zero for
MBEDTLS_SSL_COMPRESS_NULL in TLS 1.3 code.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2022-07-26 16:13:23 +01:00
54e38ea9cd
Remove remaining references to compression in docs
...
Some references to compression exist in the docs.
This commit removes those instances.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2022-07-26 16:13:23 +01:00
20f89a9605
Remove uses of SSL compression
...
Remove or modify current uses of session compression.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2022-07-26 16:13:03 +01:00
